IT Answers » Risk managementhttp://itknowledgeexchange.techtarget.com/itanswers
Tue, 03 Mar 2015 16:25:47 +0000en-UShourly1Procedures for a new areahttp://itknowledgeexchange.techtarget.com/itanswers/procedures-for-a-new-area/
http://itknowledgeexchange.techtarget.com/itanswers/procedures-for-a-new-area/#commentsWed, 23 May 2007 22:13:31 +0000http://itknowledgeexchange.techtarget.com/itanswers/procedures-for-a-new-area/feed/0Board security awareness & educationhttp://itknowledgeexchange.techtarget.com/itanswers/board-security-awareness-education/
http://itknowledgeexchange.techtarget.com/itanswers/board-security-awareness-education/#commentsMon, 05 Jan 2015 19:38:57 +0000http://itknowledgeexchange.techtarget.com/itanswers/board-security-awareness-education/http://itknowledgeexchange.techtarget.com/itanswers/board-security-awareness-education/feed/4Issues of risk managementhttp://itknowledgeexchange.techtarget.com/itanswers/risk-management/
http://itknowledgeexchange.techtarget.com/itanswers/risk-management/#commentsThu, 27 Mar 2008 14:16:37 +0000http://itknowledgeexchange.techtarget.com/itanswers/risk-management/feed/0Risk Assessment for Application Systemshttp://itknowledgeexchange.techtarget.com/itanswers/risk-assessment-for-application-systems/
http://itknowledgeexchange.techtarget.com/itanswers/risk-assessment-for-application-systems/#commentsMon, 15 Jun 2009 03:49:08 +0000Can please share the risk assessment methods/ questionnaires/approach for application systems.We understand that the assessment may cover technology, people, and process. We need to come-out with the assessment report indicating the risk level & rating of the application systems.
]]>http://itknowledgeexchange.techtarget.com/itanswers/risk-assessment-for-application-systems/feed/0What is the best way to implement a risk assessment in an IT department that will align COBIT controls with risks?http://itknowledgeexchange.techtarget.com/itanswers/what-is-the-best-way-to-implement-a-risk-assessment-in-an-it-department-that-will-align-cobit-controls-with-risks/
http://itknowledgeexchange.techtarget.com/itanswers/what-is-the-best-way-to-implement-a-risk-assessment-in-an-it-department-that-will-align-cobit-controls-with-risks/#commentsMon, 16 Feb 2009 18:04:29 +0000A compliance officer in Europe could use some advice from fellow IT professionals and executives. His IT budget is being scrutinized, as is the case in every organization in 2009; he needs targets to get things done more efficiently but without taking on more risk.

His department is evaluating benchmarking IT application controls as a way of testing strategy.

He would like to know what you think is the best way to implement a risk assessment in an IT department that will align COBIT controls with risks.

We are a Cdn Govt agency involved in Satellite Operations with a commercial partner based across the country. We will need to build/buy a small secure web service application for reporting purposes that will require minimal IT expertise to build or maintain, and will deliver maximum performance in terms of response time and data transfer via the Internet.

The back end RDBMS engine is built with MS SQL server and will be maintained by the partner. The size of the database is expected to grow over a period of 7 years to ~10 GB. The partner has chosen to use MS-Access and Crystal Reports 7 for report generation and is quite satisfied with these as they provide unrestricted views of the database (prefers MS-Access to Crystal). We would need to develop a similar reporting capability but with restricted view of the database to allow us to see only the data that we are entitled to see (i.e. record and column level security must be available).

We need capability to access the tool from remote offices, generate /download reports in Word, Excel and PDF format to the remote offices via the web. The tool should have capability of at least 5 concurrent remote users. On our side, users will have MS-Office with IE Explorer.

The partner does not object to our setting up a web server on their premises with access to the SQL server.

What are some good reporting tool technology choices ? Budget for the tool is below 15K$ CAD.